tst-env-setuid-tunables.c source code [glibc/elf/tst-env-setuid-tunables.c]

1	/ Copyright (C) 2017-2024 Free Software Foundation, Inc.*
2	This file is part of the GNU C Library.
3
4	The GNU C Library is free software; you can redistribute it and/or
5	modify it under the terms of the GNU Lesser General Public
6	License as published by the Free Software Foundation; either
7	version 2.1 of the License, or (at your option) any later version.
8
9	The GNU C Library is distributed in the hope that it will be useful,
10	but WITHOUT ANY WARRANTY; without even the implied warranty of
11	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12	Lesser General Public License for more details.
13
14	You should have received a copy of the GNU Lesser General Public
15	License along with the GNU C Library; if not, see
16	<https://www.gnu.org/licenses/>. /*
17
18	/ Verify that GLIBC_TUNABLES is kept unchanged but no tunable is actually*
19	enabled for AT_SECURE processes. /*
20
21	#include <dl-tunables.h>
22	#include <errno.h>
23	#include <fcntl.h>
24	#include <stdlib.h>
25	#include <stdint.h>
26	#include <stdio.h>
27	#include <string.h>
28	#include <sys/stat.h>
29	#include <sys/wait.h>
30	#include <unistd.h>
31	#include <intprops.h>
32	#include <array_length.h>
33
34	#include <support/check.h>
35	#include <support/support.h>
36	#include <support/test-driver.h>
37	#include <support/capture_subprocess.h>
38
39	static const char *teststrings[] =
40	{
41	"glibc.malloc.check=2:glibc.malloc.mmap_threshold=4096",
42	"glibc.malloc.check=2:glibc.malloc.check=2:glibc.malloc.mmap_threshold=4096",
43	"glibc.malloc.check=2:glibc.malloc.mmap_threshold=4096:glibc.malloc.check=2",
44	"glibc.malloc.perturb=0x800",
45	"glibc.malloc.perturb=0x800:glibc.malloc.mmap_threshold=4096",
46	"glibc.malloc.perturb=0x800:not_valid.malloc.check=2:glibc.malloc.mmap_threshold=4096",
47	"glibc.not_valid.check=2:glibc.malloc.mmap_threshold=4096",
48	"not_valid.malloc.check=2:glibc.malloc.mmap_threshold=4096",
49	"glibc.malloc.mmap_threshold=glibc.malloc.mmap_threshold=4096",
50	"glibc.malloc.check=2",
51	"glibc.malloc.garbage=2:glibc.maoc.mmap_threshold=4096:glibc.malloc.check=2",
52	"glibc.malloc.check=4:glibc.malloc.garbage=2:glibc.maoc.mmap_threshold=4096",
53	":glibc.malloc.garbage=2:glibc.malloc.check=1",
54	"glibc.malloc.check=1:glibc.malloc.check=2",
55	"not_valid.malloc.check=2",
56	"glibc.not_valid.check=2",
57	};
58
59	static int
60	test_child (int off)
61	{
62	const char *val = getenv (name: "GLIBC_TUNABLES");
63	int ret = `1`;
64
65	printf (format: " [%d] GLIBC_TUNABLES is %s\n", off, val);
66	fflush (stdout);
67	if (val != NULL)
68	printf (format: " [%d] Unexpected GLIBC_TUNABLES VALUE %s\n", off, val);
69	else
70	ret = `0`;
71	fflush (stdout);
72
73	/ Also check if the set tunables are effectively unchanged. /
74	int32_t check = TUNABLE_GET_FULL (glibc, malloc, check, int32_t, NULL);
75	size_t mmap_threshold = TUNABLE_GET_FULL (glibc, malloc, mmap_threshold,
76	size_t, NULL);
77	int32_t perturb = TUNABLE_GET_FULL (glibc, malloc, perturb, int32_t, NULL);
78
79	printf (format: " [%d] glibc.malloc.check=%d\n", off, check);
80	fflush (stdout);
81	printf (format: " [%d] glibc.malloc.mmap_threshold=%zu\n", off, mmap_threshold);
82	fflush (stdout);
83	printf (format: " [%d] glibc.malloc.perturb=%d\n", off, perturb);
84	fflush (stdout);
85
86	ret \|= check != `0`;
87	ret \|= mmap_threshold != `0`;
88	ret \|= perturb != `0`;
89
90	return ret;
91	}
92
93	static int
94	do_test (int argc, char **argv)
95	{
96	/ Setgid child process. /
97	if (argc == `2`)
98	{
99	if (getgid () == getegid ())
100	/ This can happen if the file system is mounted nosuid. /
101	FAIL_UNSUPPORTED ("SGID failed: GID and EGID match (%jd)\n",
102	(intmax_t) getgid ());
103
104	int ret = test_child (atoi (argv[`1`]));
105
106	if (ret != `0`)
107	exit (status: `1`);
108
109	/ Special return code to make sure that the child executed all the way*
110	through. /*
111	exit (status: `42`);
112	}
113	else
114	{
115	/ Spawn tests. /
116	for (int i = `0`; i < array_length (teststrings); i++)
117	{
118	char buf[INT_BUFSIZE_BOUND (int)];
119
120	printf (format: "[%d] Spawned test for %s\n", i, teststrings[i]);
121	snprintf (s: buf, maxlen: sizeof (buf), format: "%d\n", i);
122	fflush (stdout);
123	if (setenv (name: "GLIBC_TUNABLES", value: teststrings[i], replace: `1`) != `0`)
124	{
125	printf (format: " [%d] Failed to set GLIBC_TUNABLES: %m", i);
126	support_record_failure ();
127	continue;
128	}
129
130	int status = support_capture_subprogram_self_sgid (child_id: buf);
131
132	/ Bail out early if unsupported. /
133	if (WEXITSTATUS (status) == EXIT_UNSUPPORTED)
134	return EXIT_UNSUPPORTED;
135
136	if (WEXITSTATUS (status) != `42`)
137	{
138	printf (format: " [%d] child failed with status %d\n", i,
139	WEXITSTATUS (status));
140	support_record_failure ();
141	}
142	}
143	return `0`;
144	}
145	}
146
147	#define TEST_FUNCTION_ARGV do_test
148	#include <support/test-driver.c>
149

source code of glibc/elf/tst-env-setuid-tunables.c